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Abstract 


There are numerous cyber attacks that take place every year in the cloud computing 
environment. Few common cyber attacks include denial of service (DOS) attacks, 
phishing attacks, SQL injection attacks, ransomware attacks, and many other malware 
driven attacks. During the presence of cyber-attacks, the information security teams of 
the victim organization should always strive to minimize the attack effects by limiting 
the attack to affect minimum number of services, servers, networks, and customers. 
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Cyber attacks may spread quickly in the cloud environment because of shared resources 
and network. One obvious method is to separate or isolate the affected victim service or 
machine from the rest of the services or the network. There may be other methods which 
may always try to hide the victim service from the direct contact by the attackers. This 
may include methods such as using load-balancers or moving target defense (MTD) 
driven methods. We see a heavy use of resource sharing in multi-tenant environments 
such as cloud infrastructures. Not having proper resource isolation may also result into 
collateral damages among the multi-tenant services in cloud based deployments. 
Resource containment, migration, and victim separation are some of the methods which 
may help in managing resources of cloud infrastructure during the attack presence. In 
this chapter, we discuss a new area of cyber attack management which we denote as 
‘victim separation’, where we collate important methods helping in victim service 
separation and isolation to minimize the attacks effects. For this, we include 
contributions from the areas such as resource isolation, moving target defense (MTD), 
migration, demilitarized zone, and solutions to co-residency attacks. We also provide a 


discussion and future directions related to the area of victim separation. 


e@ This is a preview of subscription content, log in via an institution (4 to check 


access. 
Access this chapter 
A Chapter EUR 29.95 


Price includes VAT (Portugal) 


Available as PDF 
Read on any device 
Instant download 


Own it forever 


https://link.springer.com/chapter/10.1007/978-981-97-2644-8 12 2/15 


04/06/24, 11:46 Cyber Attack Victim Separation: New Dimensions to Minimize Attack Effects by Resource Management | SpringerLink 


BuyChapter > 


Vv eBook EUR 145.51 


w Hardcover Book EUR 192.59 


Tax calculation will be finalised at checkout 


Purchases are for personal use only 


Institutional subscriptions > 


References 


1. Cloudfare: DDoS attack statistics (2021). https://www.cloudfare.com/en- 
in/learning/ddos/famous-ddos-attacks/ (retrieved on December 21, 2021) 


2. Diego Asturias: DDoS attack statistics (2021). 


https://www.cloudbric.com/blog/2021/04/most-notorious-ddos-attacks-in-history- 
2021-update/ (retrieved on December 21, 2021) 


3, Singh, G.K., Somani, G.: Cross-VM Attacks: attack taxonomy, defense mechanisms, 


and new directions. In: Versatile Cybersecurity, pp. 257—286. Springer (2018) 


Google Scholar 


4. Bazm, M.-M., Lacoste, M., Südholt, M., Menaud, J.-M.: Isolation in cloud computing 
infrastructures: new security challenges. Ann. Telecommun. 74(3), 197—209 (2019) 


Article Google Scholar 


https://link.springer.com/chapter/10.1007/978-981-97-2644-8_12 3/15 


04/06/24, 11:46 Cyber Attack Victim Separation: New Dimensions to Minimize Attack Effects by Resource Management | SpringerLink 


5. 


Bhushan, K., Gupta, B.B.: Network flow analysis for detection and mitigation of 
Fraudulent Resource Consumption (FRC) attacks in multimedia cloud computing. 
Multimed. Tools Appl. 78(4), 4267—4298 (2019) 


Google Scholar 


_ Somani, G., Gaur, M.S., Sanghi, D.: DDoS/EDoS attack in cloud: affecting everyone out 


there! In: Proceedings of the 8th International Conference on Security of Information 
and Networks, pp. 169—176 (2015) 


Google Scholar 


_ Somani, G., Gaur, M.S., Sanghi, D., Conti, M.: Collateral damage to non-targets: ddoS 


attacks in cloud computing. Comput. Netw. 109, 157—171 (2016) 


Article Google Scholar 


Li, Z., Jin, H., Zou, D., Yuan, B.: Exploring new opportunities to defeat low-rate DDoS 
attack in container-based cloud environment. IEEE Trans. Parallel Distrib. Syst. 31(3), 
695-706 (2019) 


Article Google Scholar 


_ Patidar, A., Somani, G.: Serving while attacked: ddos attack effect minimization using 


page separation and container allocation strategy. J. Inf. Sec. Appl. 59, 102818 (2021) 


Google Scholar 


10. Somani, G., Gaur, M.S., Sanghi, D., Conti, M., Rajarajan, M.: Scale inside-out: Rapid 


mitigation of cloud DDoS attacks. IEEE Trans. Depend. Sec. Comput. 15(6), 959—973 
(2017) 


Google Scholar 


https://link.springer.com/chapter/10.1007/978-981-97-2644-8 12 4/15 


04/06/24, 11:46 Cyber Attack Victim Separation: New Dimensions to Minimize Attack Effects by Resource Management | SpringerLink 
11. Huangxin Wang, Fei Li, and Songqing Chen. Towards cost-effective moving target 
defense against ddos and covert channel attacks. In: Proceedings of the 2016 ACM 
Workshop on Moving Target Defense, pp. 15—25 (2016) 


Google Scholar 


12. Bülbül, N.S., Fischer, M.: SDN/NFV-based DDoS mitigation via pushback. In: ICC 
2020-2020 IEEE International Conference on Communications (ICC), pp. 1—6. IEEE 
(2020) 


Google Scholar 


13. Aydeger, A., Saputro, N., Akkaya, K., Rahman, M.: Mitigating crossfire attacks using 
SDN-based moving target defense. In: 2016 IEEE 41st Conference on Local Computer 
Networks (LCN), pp. 627—630. IEEE (2016) 


Google Scholar 


14. Chowdhary, A., Pisharody, S., Huang, D.: SDN based scalable MTD solution in cloud 
network. In: Proceedings of the 2016 ACM Workshop on Moving Target Defense, pp. 
27—36 (2016) 


Google Scholar 
15. Verma, P., Tapaswi, S. and Godfrey, W.W.: AVDR: a framework for migration policy to 


handle DDoS attacked VM in cloud. Wirel. Person. Commun. 115(2), 1335—1361 
(2020) 


Google Scholar 


16. Abbas Horri, Mohammad Sadegh Mozafari, and Gholamhossein Dastghaibyfard. 
Novel resource allocation algorithms to performance and energy efficiency in cloud 
computing. The Journal of Supercomputing, 69(3):1445—1461, 2014 


https://link.springer.com/chapter/10.1007/978-981-97-2644-8 12 5/15 


04/06/24, 11:46 Cyber Attack Victim Separation: New Dimensions to Minimize Attack Effects by Resource Management | SpringerLink 


Google Scholar 


17. Ghribi, C., Hadji, M., Zeghlache, D.: Energy efficient vm scheduling for cloud data 
centers: exact allocation and migration algorithms. In: 2013 13th IEEE/ACM 
International Symposium on Cluster, Cloud, and Grid Computing, pp. 671—678. IEEE 
(2013) 


Google Scholar 


18. Nadgowda, S., Suneja, S., Bila, N., and Isci, C.. Voyager: complete container state 
migration. In: 2017 IEEE 37th International Conference on Distributed Computing 
Systems (ICDCS), pp. 2137—2142. IEEE (2017) 


Google Scholar 
19, Yu, C., Huan, F.: Live migration of docker containers through logging and replay. In: 


Advances in Computer Science Research, International Conference on Mechatronics 
and Industrial Informatics (2015) 


Google Scholar 


20. Wipro: Advantage of SDN (2021). https://www.wipro.com/infrastructure/sdn- 
adoption-in-enterprises/ (retrieved on December 23, 2021) 


21. Cyber defense magazine: Needs of DMZ (2021). 


https: //www.cyberdefensemagazine.com/why-do-you-need-a-dmz-gateway/ 
(retrieved on December 27, 2021) 


22. Rochwerger, B., Breitgand, D., Epstein, A., Hadas, D., Loy, I., Nagin, K., Tordsson, J., 
Ragusa, C., Villari, M., Clayman, S., et al.: Reservoir-when one cloud is not enough. 
Computer 44(3), 44—51 (2011) 


Article Google Scholar 


https://link.springer.com/chapter/10.1007/978-981-97-2644-8_12 6/15 


04/06/24, 11:46 Cyber Attack Victim Separation: New Dimensions to Minimize Attack Effects by Resource Management | SpringerLink 


23. 


24. 


25. 


26. 


27. 


28. 


Somani, G., Chaudhary, S.: Application performance isolation in virtualization. In: 
2009 IEEE International Conference on Cloud Computing, pp. 41—48 (2009) 


Google Scholar 


Koto, A., Yamada, H., Ohmura, K., Kono, K.: Towards unobtrusive vm live migration 
for cloud computing platforms. In: Proceedings of the Asia-Pacific Workshop on 
Systems, pp. 1—6 (2012) 


Google Scholar 


Nidhi Jain Kansal and Inderveer Chana: Energy-aware virtual machine migration 
for cloud computing-a firefly optimization approach. J. Grid Comput. 14(2), 327— 
345 (2016) 


Article Google Scholar 


Mirkin, A., Kuznetsov, A., Kolyshkin, K.: Containers checkpointing and live 


migration. In: Proceedings of the Linux Symposium, vol. 2, pp. 85—90 (2008) 


Google Scholar 


Hoon, K.S., Yeo, K.C., Azam, S., Shunmugam, B., De Boer, F.: Critical review of 
machine learning approaches to apply big data analytics in ddos forensics. In: 2018 
International Conference on Computer Communication and Informatics (ICCCI), pp. 
1—5. IEEE (2018) 


Google Scholar 


Dinh, P.T., Park, M.: Bdf-sdn: a big data framework for ddos attack detection in 
large-scale sdn-based cloud. In: 2021 IEEE Conference on Dependable and Secure 
Computing (DSC), pp. 1—8. IEEE (2021) 


Google Scholar 


https://link.springer.com/chapter/10.1007/978-981-97-2644-8 12 


7/15 


04/06/24, 11:46 Cyber Attack Victim Separation: New Dimensions to Minimize Attack Effects by Resource Management | SpringerLink 
29, Jia, Q., Sun, K., Stavrou, A.: Motag: moving target defense against internet denial of 
service attacks. In: 2013 22nd International Conference on Computer 
Communication and Networks (ICCCN), pp. 1—9. IEEE (2013) 


Google Scholar 


30. Hong, J.B., Kim, D.S.: Assessing the effectiveness of moving target defenses using 
security models. IEEE Trans. Depend. Sec. Comput. 13(2), 163—177 (2015) 


Google Scholar 


31. Alavizadeh, H., Hong, J.B., Jang-Jaccard, J., Kim, D.S.: Comprehensive security 
assessment of combined MTD techniques for the cloud. In: Proceedings of the 5th 
ACM Workshop on Moving Target Defense, pp. 11—20 (2018) 


Google Scholar 


32. Venkatesan, S., Albanese, M., Amin, K., Jajodia, S., Wright, M.: A moving target 
defense approach to mitigate DDoS attacks against proxy-based architectures. In: 
2016 IEEE Conference on Communications and Network Security (CNS), pp. 198— 
206. IEEE (2016) 


Google Scholar 
33, Casola, V., De Benedictis, A., Rak, M., Villano, U.: A security SLA-driven moving 


target defense framework to secure cloud applications. In: Proceedings of the 5th 
ACM Workshop on Moving Target Defense, pp. 48—56 (2018) 


Google Scholar 


34. Somani, G., Gaur, M.S., Sanghi, D., Conti, M., Buyya, R.: Service resizing for quick 
DDoS mitigation in cloud computing environment. Ann. Telecommun. 72(5), 237— 
252 (2017) 


https://link.springer.com/chapter/10.1007/978-981-97-2644-8 12 8/15 


04/06/24, 11:46 Cyber Attack Victim Separation: New Dimensions to Minimize Attack Effects by Resource Management | SpringerLink 


Google Scholar 


35. Varadarajan, V., Kooburat, T., Farley, B., Ristenpart, T., Swift, M.M.: Resource- 
freeing attacks: improve your cloud performance (at your neighbor’s expense). In: 
Proceedings of the 2012 ACM Conference on Computer and Communications 
Security, pp. 281—292 (2012) 


Google Scholar 


36. Liang, X., Gui, X., Jian, A.N., Ren, D.: Mitigating cloud co-resident attacks via 
grouping-based virtual machine placement strategy. In: 2017 IEEE 36th 
International Performance Computing and Communications Conference (IPCCC), 
pp. 1—8. IEEE (2017) 


Google Scholar 


37. Bates, A., Mood, B., Pletcher, J., Pruse, H., Valafar, M., Butler, K.: Detecting co- 
residency with active traffic analysis techniques. In: Proceedings of the 2012 ACM 
Workshop on Cloud computing Security Workshop, pp. 1—12 (2012) 


Google Scholar 


38. Zhang, Y., Juels, A., Oprea, A., Reiter, M.K.: Homealone: co-residency detection in 
the cloud via side-channel analysis. In: 2011 IEEE Symposium on Security and 
Privacy, pp. 313—328. IEEE (2011) 


Google Scholar 


39, Shringarputale, S., McDaniel, P., Butler, K., Porta, T.L.: Co-residency attacks on 
containers are real. In: Proceedings of the 2020 ACM SIGSAC Conference on Cloud 
Computing Security Workshop, pp. 53—66 (2020) 


Google Scholar 


https://link.springer.com/chapter/10.1007/978-981-97-2644-8_12 9/15 


04/06/24, 11:46 Cyber Attack Victim Separation: New Dimensions to Minimize Attack Effects by Resource Management | SpringerLink 
40. Lyu, Y., Mishra, P.: A survey of side-channel attacks on caches and 
countermeasures. J. Hardw. Syst. Sec. 2(1), 33—50 (2018) 


Article Google Scholar 


41. Crichigno, J., Bou-Harb, E., Ghani, N.: A comprehensive tutorial on science DMZ. 
IEEE Commun. Surv. Tutor. 21(2), 2041—2078 (2018) 


Article Google Scholar 


42. Young, S.: Designing a DMZ (2001). https://www.sans.org/white-papers/950/ 
(retrieved on December 28, 2021) 


43. Duziack, L.: How to configure a DMZ for secure collaboration (2001). 


https: //cdn.kramerav.com/web/downloads/white-papers/via how to configure a 
dmz.pdf (retrieved on December 28, 2021) 


44. Cai, G., Wang, B., Wei, H., Wang, T.: Moving target defense: state of the art and 
characteristics. Front. Inf. Technol. Electron. Eng. 17(11), 1122—1153 (2016) 


Article Google Scholar 
45. Yu, S., Tian, Y., Guo, S., Wu, D.O.: Can we beat DDoS attacks in clouds? IEEE Trans. 
Parallel Distrib. Syst. 25(9), 2245—2254 (2013) 
Google Scholar 
46. Leelipushpam, P.G.J., Sharmila, J.: Live VM migration techniques in cloud 


environment-a survey. In: 2013 IEEE Conference on Information & Communication 
Technologies, pp. 408—413. IEEE (2013) 


Google Scholar 


https://link.springer.com/chapter/10.1007/978-981-97-2644-8 12 10/15 


04/06/24, 11:46 Cyber Attack Victim Separation: New Dimensions to Minimize Attack Effects by Resource Management | SpringerLink 
4']. Higgins, M., Teng, F., Parisini, T.: Stealthy MTD against unsupervised learning- 
based blind FDI attacks in power systems. IEEE Trans. Inf. Forensics Secur. 16, 1275— 
1287 (2020) 


Article Google Scholar 


48. Qiu, Y., Wu, J., Mumtaz, S., Li, J., Al-Dulaimi, A., Rodrigues, J.J.: Mt-mtd: muti- 
training based moving target defense trojaning attack in edged-AI network. In: ICC 


2021-IEEE International Conference on Communications, pp. 1—6. IEEE (2021) 


Google Scholar 


49, Mani, G., Haliem, M., Bhargava, B., Manickam, I., Kochpatcharin, K., Kim, M., 
Vugrin, E., Wang, W., Jenkins, C., Angin, P. et al.: Machine learning based resilience 
testing of an address randomization cyber defense. IEEE Trans. Depend. Sec. 
Comput. (2023) 


Google Scholar 


50. Yang, R., Ouyang, X., Chen, Y., Townend, P., Xu, J.: Intelligent resource scheduling at 
scale: a machine learning perspective. In: 2018 IEEE symposium on service- 
oriented system engineering (SOSE), pp. 132—141. IEEE (2018) 


Google Scholar 
51. Atya, A.O.F., Qian, Z., Krishnamurthy, SV., La Porta, T., McDaniel, P., Marvel, L.: 


Malicious co-residency on the cloud: Attacks and defense. In: IEEE INFOCOM 2017- 
IEEE Conference on Computer Communications, pp. 1—9. IEEE (2017) 


Google Scholar 


52, Saxena, D., Gupta, R., Singh, A.K., Vasilakos, AV.: Emerging vm threat prediction 
and dynamic workload estimation for secure resource management in industrial 
clouds. IEEE Trans. Autom. Sci. Eng. (2023) 


https://link.springer.com/chapter/10.1007/978-981-97-2644-8_12 11/15 


04/06/24, 11:46 Cyber Attack Victim Separation: New Dimensions to Minimize Attack Effects by Resource Management | SpringerLink 


Google Scholar 


53, Tan, M., Wan, J., Zhou, Z., Li, Z.: Invisible probe: timing attacks with pcie 
congestion side-channel. In: 2021 IEEE Symposium on Security and Privacy (SP), 
pp. 322-338. IEEE (2021) 


Google Scholar 


54. Jo, C., Cho, Y., Egger, B.: A machine learning approach to live migration modeling. 
In: Proceedings of the 2017 Symposium on Cloud Computing, pp. 351—364 (2017) 


Google Scholar 


55. Moghaddam, S.M., O’Sullivan, M., Walker, C., Piraghaj, S.F., Unsworth, C.P.: 
Embedding individualized machine learning prediction models for energy efficient 
vm consolidation within cloud data centers. Future Gener. Comput. Syst. 106, 221- 
233 (2020) 


Google Scholar 

D6. Belgacem, A., Mahmoudi, S., Ferrag, M.A.: A machine learning model for improving 
virtual machine migration in cloud computing. J. Supercomput. 1—23 (2023) 

Google Scholar 


D7. Somani, G., Khandelwal, P., Phatnani., K.: VUPIC: virtual machine usage based 
placement in IaaS cloud (2012). arXiv:1212.0085 


Chowdhury, M.R., Mahmud, M.R., Rahman, R.M.: Implementation and 

5 8 ° y, ) t ) ) P. 
performance analysis of various VM placement strategies in CloudSim. J. Cloud 
Comput. 4(1), 1—21 (2015) 


Google Scholar 


https://link.springer.com/chapter/10.1007/978-981-97-2644-8_12 12/15 


04/06/24, 11:46 Cyber Attack Victim Separation: New Dimensions to Minimize Attack Effects by Resource Management | SpringerLink 


59, Chowdhury, M.R., Mahmud, M.R., Rahman, R.M.: Study and performance analysis 
of various VM placement strategies. In: 2015 IEEE/ACIS 16th International 
Conference on Software Engineering, Artificial Intelligence, Networking and 
Parallel/Distributed Computing (SNPD), pp. 1—6. IEEE (2015) 


Google Scholar 
Acknowledgements 


This research work is partially supported by the Science and Engineering Research Board 
(SERB), Department of Science and Technology (DST), Government of India with the help 
of a Core Research Grant number CRG/2020/005759. 


Author information 


Authors and Affiliations 


Central University of Rajasthan, Ajmer, India 


Anmol Kumar & Gaurav Somani 


Corresponding author 


Correspondence to Gaurav Somani . 


Editor information 


Editors and Affiliations 


Department of Computer Science, Mahishadal Raj College, Mahishadal, India 
Anwesha Mukherjee 


Department of Computer Science and Engineering, Maulana Abul kalam Azad 
University of Technology, West Bengal, Haringhata, India 
Debashis De 


School of Computing and Information Systems, The University of Melbourne, 
Melbourne, Australia 


Rajkumar Buyya 


https://link.springer.com/chapter/10.1007/978-981-97-2644-8 12 13/15 


04/06/24, 11:46 Cyber Attack Victim Separation: New Dimensions to Minimize Attack Effects by Resource Management | SpringerLink 


Rights and permissions 


Reprints and permissions 


Copyright information 


© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 


About this chapter 


Cite this chapter 


Kumar, A., Somani, G. (2024). Cyber Attack Victim Separation: New Dimensions 

to Minimize Attack Effects by Resource Management. In: Mukherjee, A., De, D., Buyya, R. 
(eds) Resource Management in Distributed Systems. Studies in Big Data, vol 151. Springer, 
Singapore. https://doi.org/10.1007/978-981-97-2644-8 12 


DOI Published Publisher Name 
https://doi.org/10.1007/9 31 May 2024 Springer, Singapore 
78-981-97-2644-8 12 


Print ISBN Online ISBN eBook Packages 
978-981-97-2643-1 978-981-97-2644-8 Intelligent Technologies 


and Robotics 


Intelligent Technologies 
and Robotics (RO) 


Publish with us 


Policies and ethics (4 


https://link.springer.com/chapter/10.1007/978-981-97-2644-8 12 14/15 


04/06/24, 11:46 Cyber Attack Victim Separation: New Dimensions to Minimize Attack Effects by Resource Management | SpringerLink 


https://link.springer.com/chapter/10.1007/978-981-97-2644-8 12 15/15 


